Vulnerability Details : CVE-2014-3817
Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translation from IPv4 to IPv6 is enabled, allows remote attackers to cause a denial of service (flowd hang or crash) via a crafted packet.
Vulnerability category: Denial of service
Products affected by CVE-2014-3817
- cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3817
0.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 72 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3817
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2014-3817
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3817
-
http://www.securitytracker.com/id/1030558
Juniper Junos SRX Series NAT flowd Bug Lets Remote Users Deny Service - SecurityTracker
-
http://secunia.com/advisories/59136
Sign in
-
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10635
Juniper Networks - 2014-07 Security Bulletin: Junos: SRX flowd denial of service vulnerability in NAT protocol translation (CVE-2014-3817)Vendor Advisory
-
http://www.securityfocus.com/bid/68545
Juniper Junos NAT Functionality CVE-2014-3817 Denial of Service Vulnerability
Jump to